| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> |
| <!-- NewPage --> |
| <html lang="en"> |
| <head> |
| <!-- Generated by javadoc (1.8.0_92) on Mon Sep 12 21:42:53 EDT 2016 --> |
| <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> |
| <title>AuthorizationFilter (Apache Shiro 1.3.2 API)</title> |
| <meta name="date" content="2016-09-12"> |
| <link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="Style"> |
| <script type="text/javascript" src="../../../../../../script.js"></script> |
| </head> |
| <body> |
| <script type="text/javascript"><!-- |
| try { |
| if (location.href.indexOf('is-external=true') == -1) { |
| parent.document.title="AuthorizationFilter (Apache Shiro 1.3.2 API)"; |
| } |
| } |
| catch(err) { |
| } |
| //--> |
| var methods = {"i0":10,"i1":10,"i2":10}; |
| var tabs = {65535:["t0","All Methods"],2:["t2","Instance Methods"],8:["t4","Concrete Methods"]}; |
| var altColor = "altColor"; |
| var rowColor = "rowColor"; |
| var tableTab = "tableTab"; |
| var activeTableTab = "activeTableTab"; |
| </script> |
| <noscript> |
| <div>JavaScript is disabled on your browser.</div> |
| </noscript> |
| |
| <!-- ========= START OF TOP NAVBAR ======= --> |
| <div class="topNav"><a name="navbar.top"> |
| <!-- --> |
| </a> |
| <div class="skipNav"><a href="#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div> |
| <a name="navbar.top.firstrow"> |
| <!-- --> |
| </a> |
| <ul class="navList" title="Navigation"> |
| <li><a href="../../../../../../overview-summary.html">Overview</a></li> |
| <li><a href="package-summary.html">Package</a></li> |
| <li class="navBarCell1Rev">Class</li> |
| <li><a href="class-use/AuthorizationFilter.html">Use</a></li> |
| <li><a href="package-tree.html">Tree</a></li> |
| <li><a href="../../../../../../deprecated-list.html">Deprecated</a></li> |
| <li><a href="../../../../../../index-all.html">Index</a></li> |
| <li><a href="../../../../../../help-doc.html">Help</a></li> |
| </ul> |
| </div> |
| <div class="subNav"> |
| <ul class="navList"> |
| <li>Prev Class</li> |
| <li><a href="../../../../../../org/apache/shiro/web/filter/authz/HostFilter.html" title="class in org.apache.shiro.web.filter.authz"><span class="typeNameLink">Next Class</span></a></li> |
| </ul> |
| <ul class="navList"> |
| <li><a href="../../../../../../index.html?org/apache/shiro/web/filter/authz/AuthorizationFilter.html" target="_top">Frames</a></li> |
| <li><a href="AuthorizationFilter.html" target="_top">No Frames</a></li> |
| </ul> |
| <ul class="navList" id="allclasses_navbar_top"> |
| <li><a href="../../../../../../allclasses-noframe.html">All Classes</a></li> |
| </ul> |
| <div> |
| <script type="text/javascript"><!-- |
| allClassesLink = document.getElementById("allclasses_navbar_top"); |
| if(window==top) { |
| allClassesLink.style.display = "block"; |
| } |
| else { |
| allClassesLink.style.display = "none"; |
| } |
| //--> |
| </script> |
| </div> |
| <div> |
| <ul class="subNavList"> |
| <li>Summary: </li> |
| <li>Nested | </li> |
| <li><a href="#fields.inherited.from.class.org.apache.shiro.web.filter.AccessControlFilter">Field</a> | </li> |
| <li><a href="#constructor.summary">Constr</a> | </li> |
| <li><a href="#method.summary">Method</a></li> |
| </ul> |
| <ul class="subNavList"> |
| <li>Detail: </li> |
| <li>Field | </li> |
| <li><a href="#constructor.detail">Constr</a> | </li> |
| <li><a href="#method.detail">Method</a></li> |
| </ul> |
| </div> |
| <a name="skip.navbar.top"> |
| <!-- --> |
| </a></div> |
| <!-- ========= END OF TOP NAVBAR ========= --> |
| <!-- ======== START OF CLASS DATA ======== --> |
| <div class="header"> |
| <div class="subTitle">org.apache.shiro.web.filter.authz</div> |
| <h2 title="Class AuthorizationFilter" class="title">Class AuthorizationFilter</h2> |
| </div> |
| <div class="contentContainer"> |
| <ul class="inheritance"> |
| <li><a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">java.lang.Object</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li><a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.ServletContextSupport</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li><a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.AbstractFilter</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li><a href="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.NameableFilter</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li><a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.OncePerRequestFilter</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li><a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.AdviceFilter</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li><a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html" title="class in org.apache.shiro.web.filter">org.apache.shiro.web.filter.PathMatchingFilter</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li><a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">org.apache.shiro.web.filter.AccessControlFilter</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li>org.apache.shiro.web.filter.authz.AuthorizationFilter</li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| <div class="description"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <dl> |
| <dt>All Implemented Interfaces:</dt> |
| <dd><a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/Filter.html?is-external=true" title="class or interface in javax.servlet">Filter</a>, <a href="../../../../../../org/apache/shiro/util/Nameable.html" title="interface in org.apache.shiro.util">Nameable</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathConfigProcessor.html" title="interface in org.apache.shiro.web.filter">PathConfigProcessor</a></dd> |
| </dl> |
| <dl> |
| <dt>Direct Known Subclasses:</dt> |
| <dd><a href="../../../../../../org/apache/shiro/web/filter/authz/HostFilter.html" title="class in org.apache.shiro.web.filter.authz">HostFilter</a>, <a href="../../../../../../org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz">PermissionsAuthorizationFilter</a>, <a href="../../../../../../org/apache/shiro/web/filter/authz/PortFilter.html" title="class in org.apache.shiro.web.filter.authz">PortFilter</a>, <a href="../../../../../../org/apache/shiro/web/filter/authz/RolesAuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz">RolesAuthorizationFilter</a></dd> |
| </dl> |
| <hr> |
| <br> |
| <pre>public abstract class <a href="../../../../../../src-html/org/apache/shiro/web/filter/authz/AuthorizationFilter.html#line.39">AuthorizationFilter</a> |
| extends <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">AccessControlFilter</a></pre> |
| <div class="block">Superclass for authorization-related filters. If an request is unauthorized, response handling is delegated to the |
| <a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#onAccessDenied-javax.servlet.ServletRequest-javax.servlet.ServletResponse-"><code>onAccessDenied</code></a> method, which |
| provides reasonable handling for most applications.</div> |
| <dl> |
| <dt><span class="simpleTagLabel">Since:</span></dt> |
| <dd>0.9</dd> |
| <dt><span class="seeLabel">See Also:</span></dt> |
| <dd><a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#onAccessDenied-javax.servlet.ServletRequest-javax.servlet.ServletResponse-"><code>onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse)</code></a></dd> |
| </dl> |
| </li> |
| </ul> |
| </div> |
| <div class="summary"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <!-- =========== FIELD SUMMARY =========== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="field.summary"> |
| <!-- --> |
| </a> |
| <h3>Field Summary</h3> |
| <ul class="blockList"> |
| <li class="blockList"><a name="fields.inherited.from.class.org.apache.shiro.web.filter.AccessControlFilter"> |
| <!-- --> |
| </a> |
| <h3>Fields inherited from class org.apache.shiro.web.filter.<a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">AccessControlFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#DEFAULT_LOGIN_URL">DEFAULT_LOGIN_URL</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#GET_METHOD">GET_METHOD</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#POST_METHOD">POST_METHOD</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="fields.inherited.from.class.org.apache.shiro.web.filter.PathMatchingFilter"> |
| <!-- --> |
| </a> |
| <h3>Fields inherited from class org.apache.shiro.web.filter.<a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html" title="class in org.apache.shiro.web.filter">PathMatchingFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#appliedPaths">appliedPaths</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#pathMatcher">pathMatcher</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="fields.inherited.from.class.org.apache.shiro.web.servlet.OncePerRequestFilter"> |
| <!-- --> |
| </a> |
| <h3>Fields inherited from class org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html" title="class in org.apache.shiro.web.servlet">OncePerRequestFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#ALREADY_FILTERED_SUFFIX">ALREADY_FILTERED_SUFFIX</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="fields.inherited.from.class.org.apache.shiro.web.servlet.AbstractFilter"> |
| <!-- --> |
| </a> |
| <h3>Fields inherited from class org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html" title="class in org.apache.shiro.web.servlet">AbstractFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#filterConfig">filterConfig</a></code></li> |
| </ul> |
| </li> |
| </ul> |
| <!-- ======== CONSTRUCTOR SUMMARY ======== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="constructor.summary"> |
| <!-- --> |
| </a> |
| <h3>Constructor Summary</h3> |
| <table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Constructor Summary table, listing constructors, and an explanation"> |
| <caption><span>Constructors</span><span class="tabEnd"> </span></caption> |
| <tr> |
| <th class="colOne" scope="col">Constructor and Description</th> |
| </tr> |
| <tr class="altColor"> |
| <td class="colOne"><code><span class="memberNameLink"><a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#AuthorizationFilter--">AuthorizationFilter</a></span>()</code> </td> |
| </tr> |
| </table> |
| </li> |
| </ul> |
| <!-- ========== METHOD SUMMARY =========== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="method.summary"> |
| <!-- --> |
| </a> |
| <h3>Method Summary</h3> |
| <table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation"> |
| <caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd"> </span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd"> </span></span><span id="t4" class="tableTab"><span><a href="javascript:show(8);">Concrete Methods</a></span><span class="tabEnd"> </span></span></caption> |
| <tr> |
| <th class="colFirst" scope="col">Modifier and Type</th> |
| <th class="colLast" scope="col">Method and Description</th> |
| </tr> |
| <tr id="i0" class="altColor"> |
| <td class="colFirst"><code><a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#getUnauthorizedUrl--">getUnauthorizedUrl</a></span>()</code> |
| <div class="block">Returns the URL to which users should be redirected if they are denied access to an underlying path or resource, |
| or <code>null</code> if a raw <a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletResponse.html?is-external=true#SC_UNAUTHORIZED" title="class or interface in javax.servlet.http"><code>HttpServletResponse.SC_UNAUTHORIZED</code></a> response should be issued (401 Unauthorized).</div> |
| </td> |
| </tr> |
| <tr id="i1" class="rowColor"> |
| <td class="colFirst"><code>protected boolean</code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#onAccessDenied-javax.servlet.ServletRequest-javax.servlet.ServletResponse-">onAccessDenied</a></span>(<a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/ServletRequest.html?is-external=true" title="class or interface in javax.servlet">ServletRequest</a> request, |
| <a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/ServletResponse.html?is-external=true" title="class or interface in javax.servlet">ServletResponse</a> response)</code> |
| <div class="block">Handles the response when access has been denied.</div> |
| </td> |
| </tr> |
| <tr id="i2" class="altColor"> |
| <td class="colFirst"><code>void</code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#setUnauthorizedUrl-java.lang.String-">setUnauthorizedUrl</a></span>(<a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> unauthorizedUrl)</code> |
| <div class="block">Sets the URL to which users should be redirected if they are denied access to an underlying path or resource.</div> |
| </td> |
| </tr> |
| </table> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.web.filter.AccessControlFilter"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class org.apache.shiro.web.filter.<a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">AccessControlFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#getLoginUrl--">getLoginUrl</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#getSubject-javax.servlet.ServletRequest-javax.servlet.ServletResponse-">getSubject</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#isAccessAllowed-javax.servlet.ServletRequest-javax.servlet.ServletResponse-java.lang.Object-">isAccessAllowed</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#isLoginRequest-javax.servlet.ServletRequest-javax.servlet.ServletResponse-">isLoginRequest</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#onAccessDenied-javax.servlet.ServletRequest-javax.servlet.ServletResponse-java.lang.Object-">onAccessDenied</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#onPreHandle-javax.servlet.ServletRequest-javax.servlet.ServletResponse-java.lang.Object-">onPreHandle</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#redirectToLogin-javax.servlet.ServletRequest-javax.servlet.ServletResponse-">redirectToLogin</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#saveRequest-javax.servlet.ServletRequest-">saveRequest</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#saveRequestAndRedirectToLogin-javax.servlet.ServletRequest-javax.servlet.ServletResponse-">saveRequestAndRedirectToLogin</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#setLoginUrl-java.lang.String-">setLoginUrl</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.web.filter.PathMatchingFilter"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class org.apache.shiro.web.filter.<a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html" title="class in org.apache.shiro.web.filter">PathMatchingFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#getPathWithinApplication-javax.servlet.ServletRequest-">getPathWithinApplication</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#isEnabled-javax.servlet.ServletRequest-javax.servlet.ServletResponse-java.lang.String-java.lang.Object-">isEnabled</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#pathsMatch-java.lang.String-javax.servlet.ServletRequest-">pathsMatch</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#pathsMatch-java.lang.String-java.lang.String-">pathsMatch</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#preHandle-javax.servlet.ServletRequest-javax.servlet.ServletResponse-">preHandle</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#processPathConfig-java.lang.String-java.lang.String-">processPathConfig</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.web.servlet.AdviceFilter"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html" title="class in org.apache.shiro.web.servlet">AdviceFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#afterCompletion-javax.servlet.ServletRequest-javax.servlet.ServletResponse-java.lang.Exception-">afterCompletion</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#cleanup-javax.servlet.ServletRequest-javax.servlet.ServletResponse-java.lang.Exception-">cleanup</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#doFilterInternal-javax.servlet.ServletRequest-javax.servlet.ServletResponse-javax.servlet.FilterChain-">doFilterInternal</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#executeChain-javax.servlet.ServletRequest-javax.servlet.ServletResponse-javax.servlet.FilterChain-">executeChain</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#postHandle-javax.servlet.ServletRequest-javax.servlet.ServletResponse-">postHandle</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.web.servlet.OncePerRequestFilter"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html" title="class in org.apache.shiro.web.servlet">OncePerRequestFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#doFilter-javax.servlet.ServletRequest-javax.servlet.ServletResponse-javax.servlet.FilterChain-">doFilter</a>, <a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#getAlreadyFilteredAttributeName--">getAlreadyFilteredAttributeName</a>, <a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#isEnabled--">isEnabled</a>, <a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#isEnabled-javax.servlet.ServletRequest-javax.servlet.ServletResponse-">isEnabled</a>, <a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#setEnabled-boolean-">setEnabled</a>, <a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#shouldNotFilter-javax.servlet.ServletRequest-">shouldNotFilter</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.web.servlet.NameableFilter"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html" title="class in org.apache.shiro.web.servlet">NameableFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html#getName--">getName</a>, <a href="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html#setName-java.lang.String-">setName</a>, <a href="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html#toStringBuilder--">toStringBuilder</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.web.servlet.AbstractFilter"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html" title="class in org.apache.shiro.web.servlet">AbstractFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#destroy--">destroy</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#getFilterConfig--">getFilterConfig</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#getInitParam-java.lang.String-">getInitParam</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#init-javax.servlet.FilterConfig-">init</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#onFilterConfigSet--">onFilterConfigSet</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#setFilterConfig-javax.servlet.FilterConfig-">setFilterConfig</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.web.servlet.ServletContextSupport"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html" title="class in org.apache.shiro.web.servlet">ServletContextSupport</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#getContextAttribute-java.lang.String-">getContextAttribute</a>, <a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#getContextInitParam-java.lang.String-">getContextInitParam</a>, <a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#getServletContext--">getServletContext</a>, <a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#removeContextAttribute-java.lang.String-">removeContextAttribute</a>, <a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#setContextAttribute-java.lang.String-java.lang.Object-">setContextAttribute</a>, <a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#setServletContext-javax.servlet.ServletContext-">setServletContext</a>, <a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#toString--">toString</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.java.lang.Object"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class java.lang.<a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a></h3> |
| <code><a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#clone--" title="class or interface in java.lang">clone</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#equals-java.lang.Object-" title="class or interface in java.lang">equals</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#finalize--" title="class or interface in java.lang">finalize</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#getClass--" title="class or interface in java.lang">getClass</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#hashCode--" title="class or interface in java.lang">hashCode</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notify--" title="class or interface in java.lang">notify</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notifyAll--" title="class or interface in java.lang">notifyAll</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait--" title="class or interface in java.lang">wait</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait-long-" title="class or interface in java.lang">wait</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait-long-int-" title="class or interface in java.lang">wait</a></code></li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </div> |
| <div class="details"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <!-- ========= CONSTRUCTOR DETAIL ======== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="constructor.detail"> |
| <!-- --> |
| </a> |
| <h3>Constructor Detail</h3> |
| <a name="AuthorizationFilter--"> |
| <!-- --> |
| </a> |
| <ul class="blockListLast"> |
| <li class="blockList"> |
| <h4>AuthorizationFilter</h4> |
| <pre>public <a href="../../../../../../src-html/org/apache/shiro/web/filter/authz/AuthorizationFilter.html#line.39">AuthorizationFilter</a>()</pre> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| <!-- ============ METHOD DETAIL ========== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="method.detail"> |
| <!-- --> |
| </a> |
| <h3>Method Detail</h3> |
| <a name="getUnauthorizedUrl--"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>getUnauthorizedUrl</h4> |
| <pre>public <a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> <a href="../../../../../../src-html/org/apache/shiro/web/filter/authz/AuthorizationFilter.html#line.59">getUnauthorizedUrl</a>()</pre> |
| <div class="block">Returns the URL to which users should be redirected if they are denied access to an underlying path or resource, |
| or <code>null</code> if a raw <a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletResponse.html?is-external=true#SC_UNAUTHORIZED" title="class or interface in javax.servlet.http"><code>HttpServletResponse.SC_UNAUTHORIZED</code></a> response should be issued (401 Unauthorized). |
| <p/> |
| The default is <code>null</code>, ensuring default web server behavior. Override this default by calling the |
| <a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#setUnauthorizedUrl-java.lang.String-"><code>setUnauthorizedUrl</code></a> method with a meaningful path within your application |
| if you would like to show the user a 'nice' page in the event of unauthorized access.</div> |
| <dl> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>the URL to which users should be redirected if they are denied access to an underlying path or resource, |
| or <code>null</code> if a raw <a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletResponse.html?is-external=true#SC_UNAUTHORIZED" title="class or interface in javax.servlet.http"><code>HttpServletResponse.SC_UNAUTHORIZED</code></a> response should be issued (401 Unauthorized).</dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="setUnauthorizedUrl-java.lang.String-"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>setUnauthorizedUrl</h4> |
| <pre>public void <a href="../../../../../../src-html/org/apache/shiro/web/filter/authz/AuthorizationFilter.html#line.77">setUnauthorizedUrl</a>(<a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> unauthorizedUrl)</pre> |
| <div class="block">Sets the URL to which users should be redirected if they are denied access to an underlying path or resource. |
| <p/> |
| If the value is <code>null</code> a raw <a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletResponse.html?is-external=true#SC_UNAUTHORIZED" title="class or interface in javax.servlet.http"><code>HttpServletResponse.SC_UNAUTHORIZED</code></a> response will |
| be issued (401 Unauthorized), retaining default web server behavior. |
| <p/> |
| Unless overridden by calling this method, the default value is <code>null</code>. If desired, you can specify a |
| meaningful path within your application if you would like to show the user a 'nice' page in the event of |
| unauthorized access.</div> |
| <dl> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>unauthorizedUrl</code> - the URL to which users should be redirected if they are denied access to an underlying |
| path or resource, or <code>null</code> to a ensure raw <a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletResponse.html?is-external=true#SC_UNAUTHORIZED" title="class or interface in javax.servlet.http"><code>HttpServletResponse.SC_UNAUTHORIZED</code></a> response is |
| issued (401 Unauthorized).</dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="onAccessDenied-javax.servlet.ServletRequest-javax.servlet.ServletResponse-"> |
| <!-- --> |
| </a> |
| <ul class="blockListLast"> |
| <li class="blockList"> |
| <h4>onAccessDenied</h4> |
| <pre>protected boolean <a href="../../../../../../src-html/org/apache/shiro/web/filter/authz/AuthorizationFilter.html#line.106">onAccessDenied</a>(<a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/ServletRequest.html?is-external=true" title="class or interface in javax.servlet">ServletRequest</a> request, |
| <a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/ServletResponse.html?is-external=true" title="class or interface in javax.servlet">ServletResponse</a> response) |
| throws <a href="http://java.sun.com/javase/6/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</a></pre> |
| <div class="block">Handles the response when access has been denied. It behaves as follows: |
| <ul> |
| <li>If the <code>Subject</code> is unknown<sup><a href="#known">[1]</a></sup>: |
| <ol><li>The incoming request will be saved and they will be redirected to the login page for authentication |
| (via the <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#saveRequestAndRedirectToLogin-javax.servlet.ServletRequest-javax.servlet.ServletResponse-"><code>AccessControlFilter.saveRequestAndRedirectToLogin(javax.servlet.ServletRequest, javax.servlet.ServletResponse)</code></a> |
| method).</li> |
| <li>Once successfully authenticated, they will be redirected back to the originally attempted page.</li></ol> |
| </li> |
| <li>If the Subject is known:</li> |
| <ol> |
| <li>The HTTP <a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletResponse.html?is-external=true#SC_UNAUTHORIZED" title="class or interface in javax.servlet.http"><code>HttpServletResponse.SC_UNAUTHORIZED</code></a> header will be set (401 Unauthorized)</li> |
| <li>If the <a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#getUnauthorizedUrl--"><code>unauthorizedUrl</code></a> has been configured, a redirect will be issued to that |
| URL. Otherwise the 401 response is rendered normally</li> |
| </ul> |
| <code><a name="known">[1]</a></code>: A <code>Subject</code> is 'known' when |
| <code>subject.<a href="../../../../../../org/apache/shiro/subject/Subject.html#getPrincipal--"><code>getPrincipal()</code></a></code> is not <code>null</code>, |
| which implicitly means that the subject is either currently authenticated or they have been remembered via |
| 'remember me' services.</div> |
| <dl> |
| <dt><span class="overrideSpecifyLabel">Specified by:</span></dt> |
| <dd><code><a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#onAccessDenied-javax.servlet.ServletRequest-javax.servlet.ServletResponse-">onAccessDenied</a></code> in class <code><a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">AccessControlFilter</a></code></dd> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>request</code> - the incoming <code>ServletRequest</code></dd> |
| <dd><code>response</code> - the outgoing <code>ServletResponse</code></dd> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd><code>false</code> always for this implementation.</dd> |
| <dt><span class="throwsLabel">Throws:</span></dt> |
| <dd><code><a href="http://java.sun.com/javase/6/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</a></code> - if there is any servlet error.</dd> |
| </dl> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </div> |
| </div> |
| <!-- ========= END OF CLASS DATA ========= --> |
| <!-- ======= START OF BOTTOM NAVBAR ====== --> |
| <div class="bottomNav"><a name="navbar.bottom"> |
| <!-- --> |
| </a> |
| <div class="skipNav"><a href="#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div> |
| <a name="navbar.bottom.firstrow"> |
| <!-- --> |
| </a> |
| <ul class="navList" title="Navigation"> |
| <li><a href="../../../../../../overview-summary.html">Overview</a></li> |
| <li><a href="package-summary.html">Package</a></li> |
| <li class="navBarCell1Rev">Class</li> |
| <li><a href="class-use/AuthorizationFilter.html">Use</a></li> |
| <li><a href="package-tree.html">Tree</a></li> |
| <li><a href="../../../../../../deprecated-list.html">Deprecated</a></li> |
| <li><a href="../../../../../../index-all.html">Index</a></li> |
| <li><a href="../../../../../../help-doc.html">Help</a></li> |
| </ul> |
| </div> |
| <div class="subNav"> |
| <ul class="navList"> |
| <li>Prev Class</li> |
| <li><a href="../../../../../../org/apache/shiro/web/filter/authz/HostFilter.html" title="class in org.apache.shiro.web.filter.authz"><span class="typeNameLink">Next Class</span></a></li> |
| </ul> |
| <ul class="navList"> |
| <li><a href="../../../../../../index.html?org/apache/shiro/web/filter/authz/AuthorizationFilter.html" target="_top">Frames</a></li> |
| <li><a href="AuthorizationFilter.html" target="_top">No Frames</a></li> |
| </ul> |
| <ul class="navList" id="allclasses_navbar_bottom"> |
| <li><a href="../../../../../../allclasses-noframe.html">All Classes</a></li> |
| </ul> |
| <div> |
| <script type="text/javascript"><!-- |
| allClassesLink = document.getElementById("allclasses_navbar_bottom"); |
| if(window==top) { |
| allClassesLink.style.display = "block"; |
| } |
| else { |
| allClassesLink.style.display = "none"; |
| } |
| //--> |
| </script> |
| </div> |
| <div> |
| <ul class="subNavList"> |
| <li>Summary: </li> |
| <li>Nested | </li> |
| <li><a href="#fields.inherited.from.class.org.apache.shiro.web.filter.AccessControlFilter">Field</a> | </li> |
| <li><a href="#constructor.summary">Constr</a> | </li> |
| <li><a href="#method.summary">Method</a></li> |
| </ul> |
| <ul class="subNavList"> |
| <li>Detail: </li> |
| <li>Field | </li> |
| <li><a href="#constructor.detail">Constr</a> | </li> |
| <li><a href="#method.detail">Method</a></li> |
| </ul> |
| </div> |
| <a name="skip.navbar.bottom"> |
| <!-- --> |
| </a></div> |
| <!-- ======== END OF BOTTOM NAVBAR ======= --> |
| <p class="legalCopy"><small>Copyright © 2004-2016 <a href="http://www.apache.org/">The Apache Software Foundation</a>. All Rights Reserved.</small></p> |
| </body> |
| </html> |